Norway’s data protection authority, Datatilsynet, has issued a warning to Meta Platforms, the owner of Facebook and Instagram. The authority has threatened to fine Meta one million crowns ($100,000) per day due to privacy breaches. The penalty will be charged daily from August 4 until November 3 unless Meta takes corrective action.
Datatilsynet specifically stated that Meta cannot harvest user data in Norway, such as physical locations, and use it for targeted advertising without proper consent. This practice, known as behavioral advertising, is common among big tech companies. Tobias Judin, head of Datatilsynet’s international section, stressed the urgency of intervention due to the clear illegality of these actions.
Meta has responded by stating that it will review Datatilsynet’s decision but claims there will be no immediate impact on its services. However, if the European Data Protection Board agrees with Datatilsynet’s referral, the fine could become permanent and have broader implications in Europe. This latest development in Norway comes just days after the top court of the European Union ruled against Meta’s data harvesting practices for behavioral advertising.
Meta acknowledged ongoing engagement with Ireland’s Data Protection Commission (DPC), its lead regulator in the EU. In December 2020, DPC issued an order for Meta to cease this data collection practice. The company expressed concerns about regulatory uncertainty surrounding legal bases and emphasized the need for clarity in this area.
Overall, Datatilsynet’s warning and potential fine highlight growing concerns over privacy breaches by major tech companies like Meta Platforms. The outcome of this case may have significant implications not only for Meta but also for other tech giants operating within Europe.